Data protection regulations

1. An overview of data protection

General information

The following information provides you with an easy-to-understand overview of what happens to your personal data when you visit this website. The term “personal data” includes all data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our privacy policy, which we provide at the end of this copy.

Data collection on this website

Who is responsible for the collection of data on this website (i.e. the “controller”)?

The data on this website is processed by the operator of the website, whose contact information can be found in the section “Information about the controller (referred to as the “controller” in the GDPR)” in this privacy policy.

How do we collect your data?

We collect your data when you provide it to us. This may, for example, be information that you enter in our contact form.

Other data is collected by our IT systems automatically or with your consent during your visit to the website. This data is primarily technical information (e.g. web browser, operating system or time of access to the website). This information is collected automatically when you access this website.

For what purposes do we use your data?

Some of the information is generated to ensure the error-free provision of the website. Other data can be used to analyse your usage behaviour.

What rights do you have in relation to your data?

You have the right to obtain information about the origin, recipients and purpose of use of your archived personal data at any time without incurring a fee. You also have the right to request the correction or deletion of your data. If you have consented to data processing, you have the option to revoke this consent at any time, with effect for the future. You also have the right to request that the processing of your data be restricted under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

Please do not hesitate to contact us at any time if you have any questions about this or other data protection-related topics.


2. Hosting

External hosting

This website is hosted by an external service provider (host). The personal data collected on this website is stored on the host’s servers. This includes IP addresses, contact requests, metadata and messages, contract information, contact information, names, web page views and other data generated via a website.

The host is used for the purpose of contract fulfilment with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of secure, fast and efficient provision of our online services by a professional provider (Art. 6(1)(f) GDPR).

Our host will only process your data to the extent necessary to fulfil its performance obligations and to comply with our instructions in relation to this data.

We use the following host:

Host Europe GmbH
Hansestrasse 111
51149 Cologne

Data processing

We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract required by data protection law, which guarantees that it will only process the personal data of our website visitors on the basis of our instructions and in accordance with the GDPR.


3. General information and mandatory information

Data protection

The operators of this website and its pages take the protection of your personal data very seriously. We therefore treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and for what purposes we use this data. It also explains how and for what purpose the data is collected.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

Information about the responsible party (referred to as “controller” in the GDPR)

The controller responsible for data processing on this website is

Alacris Theranostics GmbH
Max-Planck-Straße 3
12489 Berlin
represented by its Managing Director Dr Bodo Lange

Phone: (+49) 0 30 8431 225-0
Fax: (+49) 0 30 8431 225-40
E-mail: info@alacris.de

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Duration of storage

Unless a more precise storage period is specified in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies. If you submit a justified request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the deletion will take place after these reasons no longer apply.

Appointment of a data protection officer

We have appointed a data protection officer for our company.

DataGAP GmbH
Bessemerstr. 82
10th floor south
12103 Berlin

Phone: (+49) 0 30 8431 225-0
E-mail: datenschutz@alacris.de

Information on data transfer to the USA and other non-EU countries

Among other things, we use tools from companies based in the United States or other non-EU countries that are unsafe from a data protection perspective. If these tools are active, your personal data may be transferred to these non-EU countries and processed there. We must point out that a level of data protection comparable to that in the EU cannot be guaranteed in these countries. For example, US companies are obliged to pass on personal data to the security authorities and you as the data subject have no opportunity to defend yourself in court. It therefore cannot be ruled out that US authorities (e.g. the Secret Service) may process, analyse and permanently archive your personal data for surveillance purposes. We have no influence on these processing operations.

Revocation of consent to data processing

A large number of data processing operations are only possible with your express consent. You can also revoke any consent you have already given at any time. This does not affect the legality of the data collection carried out up to the point of revocation.

Right to object to data collection in special cases; right to object to direct marketing (Art. 21 GDPR)

IN THE EVENT THAT DATA IS PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION. THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE LEGAL BASIS ON WHICH DATA PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING OF YOUR DATA WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PURPOSE OF THE PROCESSING IS THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 6 PARA. 1 LIT. F DSGVO). ART. 21(1) GDPR).

IF YOUR PERSONAL DATA ARE PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. ART. 21(2) GDPR).

Right to lodge a complaint with the competent supervisory authority

In the event of infringements of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or place of the alleged infringement. The right to lodge a complaint is independent of any other administrative or judicial remedy available.

Right to data portability

You have the right to request that we provide you or a third party with the data that we process automatically on the basis of your consent or in fulfilment of a contract in a commonly used, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done if it is technically feasible.

SSL and/or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the website operator, this website uses either an SSL or a TLS encryption programme. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and the lock symbol appears in the browser line.

If SSL or TLS encryption is activated, data that you transmit to us cannot be read by third parties.

Information about, correction and deletion of data

Within the framework of the applicable legal provisions, you have the right to request information about your archived personal data, its origin and recipients as well as the purpose of the processing of your data at any time. In addition, you may have the right to have your data corrected or deleted. If you have any questions on this subject or other questions on the subject of personal data, you can contact us at any time.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this purpose. The right to request the restriction of processing applies in the following cases:

  • If you dispute the accuracy of your data stored by us, we generally require a certain amount of time to verify this assertion. During this review, you have the right to request that we restrict the processing of your personal data.
  • If your personal data was/is processed unlawfully, you have the option of requesting the restriction of the processing of your data instead of its erasure.
  • If we no longer need your personal data and you need it for the exercise, defence or assertion of legal claims, you have the right to request the restriction of the processing of your personal data instead of its erasure.
  • If you have lodged an objection in accordance with Art. 21(1) GDPR, your rights and our rights must be weighed against each other. As long as it has not yet been determined whose interests prevail, you have the right to request that the processing of your personal data be restricted.

If you have restricted the processing of your personal data, these data – with the exception of their archiving – may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of other natural or legal persons or for reasons of important public interest cited by the European Union or a member state of the EU.

Rejection of unsolicited e-mails

We hereby object to the use of contact data published as part of our obligation to provide a legal notice for the purpose of sending unsolicited advertising and information material. The operators of this website and its pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as SPAM messages.


4. Recording of data on this website

Cookies

Our websites and pages use so-called “cookies”. Cookies are small text files that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted as soon as you end your visit. Permanent cookies remain archived on your device until you actively delete them or they are automatically deleted by your web browser.

In some cases, cookies from third parties may be stored on your device as soon as you enter our website (third-party cookies). These cookies enable you or us to use certain services offered by the third party (e.g. cookies for the processing of payment services).

Cookies have a variety of functions. Many cookies are technically necessary, as certain functions of the website would not work without them (e.g. the shopping basket function or the display of videos). The purpose of other cookies may be to analyse user patterns or display advertising messages.

Cookies that are necessary for the performance of electronic communications transactions (required cookies) or to provide certain functions you wish to use (functional cookies, e.g. for the shopping cart function) or cookies that are necessary for the optimisation of the website (e.g. cookies that provide measurable insights into the web audience) are stored on the basis of Art. 6(1)(f) GDPR, unless a different legal basis is cited. The website operator has a legitimate interest in the storage of cookies to ensure the technically error-free and optimised provision of the operator’s services. If your consent to the storage of cookies has been obtained, the respective cookies are stored exclusively on the basis of the consent given (Art. 6 para. 1 lit. a) GDPR); this consent can be revoked at any time.

You have the option of setting your browser so that you are informed about the setting of cookies and only allow the acceptance of cookies in individual cases. You can also exclude the acceptance of cookies for certain cases or in general or activate the deletion function so that the cookies are automatically deleted when the browser is closed. If cookies are deactivated, the functions of this website may be restricted.

If cookies are used by third parties or for analysis purposes, we will inform you separately in connection with this privacy policy and, if necessary, ask for your consent.

Server log files

The provider of this website and its pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. The information includes

  • Type and version of the browser used
  • The operating system used
  • Referrer URL
  • The host name of the accessing computer
  • The time of the server request
  • The IP address

This data is not merged with other data sources.

This data is processed on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free display and optimisation of the operator’s website. In order to achieve this, server log files must be recorded.

Contact form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6(1)(b) GDPR if your enquiry is related to the fulfilment of a contract or if it is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), if this has been requested.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions, in particular retention periods, remain unaffected by this.

Enquiry by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, your request, including the resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed on the basis of Art. 6(1)(b) GDPR if your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the data is processed on the basis of our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6(1)(f) GDPR) or on the basis of your consent (Art. 6(1)(a) GDPR), if this has been obtained.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected by this.


5.  Newsletter

Newsletter data

If you would like to subscribe to the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.

The data entered in the newsletter registration form is processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a) GDPR). You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example by clicking on the “unsubscribe” link in the newsletter. This does not affect the legality of the data processing carried out up to that point.

The data stored by us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and deleted from the newsletter distribution list after you unsubscribe from the newsletter or after the purpose no longer applies. We reserve the right to delete e-mail addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest in accordance with Art. 6(1)(f) GDPR.

After you have unsubscribed from the newsletter mailing list, your e-mail address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6(1)(f) GDPR). Storage in the blacklist is indefinite. You can object to the storage if your interests outweigh our legitimate interest.


6. Plug-ins and tools

Google Web Fonts

To ensure that the fonts used on this website are standardised, this website uses so-called web fonts provided by Google. When you access a page on our website, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

For this purpose, the browser you are using must establish a connection to Google’s servers. This tells Google that your IP address was used to access this website. The use of Google Web Fonts is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in a uniform presentation of the font on the operator’s website. If a corresponding declaration of consent has been provided (e.g. consent to the archiving of cookies), the data is processed exclusively on the basis of Art. 6(1)(a) GDPR. Such consent can be revoked at any time.

If your browser does not support web fonts, a standard font installed on your computer will be used.

For more information about Google Web Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s privacy policy at: https://policies.google.com/privacy?hl=en.

Google Maps

This website uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

To enable the use of Google Maps functions, your IP address must be stored. This information is usually transmitted to a Google server in the USA and archived there. The operator of this website has no influence on data transmission. If Google Maps is activated, Google has the option of using Google Web Fonts for the standardised display of fonts. When you call up Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

We use Google Maps to make our online offering appealing and to make the places indicated on our website easy to find. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. If a corresponding declaration of consent has been provided, the data will be processed exclusively on the basis of Art. 6(1)(a) GDPR. This declaration of consent can be revoked at any time.

Data is transferred to the USA on the basis of the European Commission’s Standard Contractual Clauses (SCC). Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

You can find more information about the handling of user data in Google’s privacy policy at: https://policies.google.com/privacy?hl=en.

Use of Google Analytics

We use Google Analytics to analyse website usage. The data obtained from this is used to optimise our website and advertising measures.

Google Analytics is provided to us by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes the website usage data on our behalf and is contractually obliged to take measures to ensure the security and confidentiality of the processed data.

During your visit to the website, the following data, among others, is transmitted to Google:

  • Pages accessed
  • The achievement of “website goals” (e.g. contact enquiries and newsletter registrations)
  • Your behaviour on the pages (e.g. dwell time, clicks, scroll depth)
  • Your approximate location (country and city)
  • Your Internet address (IP address)
  • Technical information such as browser, internet provider, end device and screen resolution
  • Source of origin of your visit (i.e. via which website or advertising medium you came to us)
  • A randomly generated user ID

No personal data such as name, address or contact details are transmitted to Google Analytics.

This data is transferred to Google servers in the USA. We would like to point out that the same level of protection under data protection law cannot be guaranteed in the USA as within the EU.

Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID with which you can be recognised on future visits to the website.

The recorded data is stored together with the randomly generated user ID, which makes it possible to analyse pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form indefinitely.

If you do not agree to the collection of data, you can prevent this by installing the browser add-on to deactivate Google Analytics or by rejecting cookies via our cookie settings dialogue.

Usage of Google Tag Manager

We use the Google Tag Manager service on our website to manage and deploy marketing and analytics tags (such as Google Analytics, conversion tracking tags, etc.) in a unified manner. Google Tag Manager is a service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland).

Data Protection Notice

Google Tag Manager itself does not collect personal data. However, it enables other tags (such as Google Analytics) to be executed, which may collect personal data such as your IP address, device information, or browsing activity.

For more information about the data collection practices of Google services, please refer to the Google privacy policy:
https://policies.google.com/privacy

You can manage your cookie preferences and opt out of tracking through the settings of your browser or through the use of opt-out tools provided by Google.


Source: eRecht24